alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2025-10-28 04:05:39 +00:00
Code Issues Packages Projects Releases Wiki Activity
28,524 Commits 22 Branches 172 Tags
e213a7ffdd573572633e60fa5a2eeac54bc644e3
Commit Graph

24 Commits

Author SHA1 Message Date
Espressif BOT
35cd5ee57b Update esp_crt_bundle certificates 2023-01-11 10:00:31 +08:00
Harshit Malpani
e215ede439 mbedtls: Add support to build for linux target 2023-01-04 11:17:29 +05:30
Espressif BOT
91bd4a1f80 Update esp_crt_bundle certificates 2022-10-13 10:00:11 +08:00
Roland Dobai
bab3830797 Tools: Fix flake8 version 5 warnings 2022-08-12 08:13:13 +00:00
Espressif BOT
72fe927e85 Update esp_crt_bundle certificates 2022-07-20 10:00:11 +08:00
Espressif BOT
4a56352f56 Update esp_crt_bundle certificates 2022-04-27 11:26:58 +00:00
Aditya Patwardhan
c27c6916a7 esp_crt_bundle: Add bounds checking for the "esp_crt_bundle_set" API. 
Closes https://github.com/espressif/esp-idf/issues/8397
 2022-03-31 13:11:11 +05:30
Espressif BOT
f51da7dded Update esp_crt_bundle certificates 2022-03-25 10:48:34 +05:30
Mahavir Jain
5f646b1d43 mbedtls: move locally managed root certificates to separate file 
Purpose:
This will allow for easily automating periodic updates to
"cacrt_all.pem" file.

Note:
For now newly created "cacrt_local.pem" contains single "DST Root CA X3"
which we are keeping to manage compatibility with endpoints like
"howsmyssl.com". Please note this Root CA is expired and is not part of
Mozilla’s NSS root certificate store.
 2022-03-21 22:39:24 +05:30
Laukik Hase
52170fba7f esp_crt_bundle: Fix build error 
- When `esp_crt_bundle.h` is included before any config,
  a build error (`esp_err_t` not defined) is observed

Closes https://github.com/espressif/esp-idf/issues/8606
 2022-03-21 09:05:06 +00:00
Laukik Hase
3925365351 ci: Fix pre-check stage failing tests 
- Updated license headers
- Re-enabled public headers and static analysis checks
- Fix public header file check failure

Co-authored-by: Aditya Patwardhan <aditya.patwardhan@espressif.com>
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
60b167f2d6 mbedtls-3.1 update: Removed the MBEDTLS_PRIVATE from multiple files 
after they have been again made public in mbedtls-3.1

*Added `MBEDTLS_ALLOW_PRIVATE_ACCESS` in some files.
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
3b71bd7326 mbedtls-3.0: Fixed ESP32 build issues 
- Added MBEDLTS_PRIVATE(...) wherever necessary
- For functions like mbedtls_pk_parse_key(...), it is necessary to pass the RNG function
  pointers as parameter. Solved for dependent components: wpa_supplicant & openSSL
- For libcoap, the SSLv2 ClientHello handshake method has been deprecated, need to handle this.
  Currently, corresponding snippet has been commented.
- Examples tested: hello-world | https_request | wifi_prov_mgr

mbedtls-3.0: Fixed ESP32-C3 & ESP32-S3 build issues
- Removed MBEDTLS_DEPRECATED_REMOVED macro from sha1 port
- DS peripheral: esp_ds_rsa_sign -> removed unsused 'mode' argument
- Added MBEDTLS_PRIVATE(...) wherever required

mbedtls-3.0: Fixed ESP32-S2 build issues
- Fixed outdated function prototypes and usage in mbedlts/port/aes/esp_aes_gcm.c due to changes in GCM module

mbedtls-3.0: Fixed ESP32-H2 build issues

ci: Fixing build stage
- Added MBEDTLS_PRIVATE(...) wherever required
- Added RNG function parameter
- Updated GCM Module changes
- Updated Copyright notices

- Tests:
- build_esp_idf_tests_cmake_esp32
- build_esp_idf_tests_cmake_esp32s2
- build_esp_idf_tests_cmake_esp32c3
- build_esp_idf_tests_cmake_esp32s3

ci: Fixing build stage (mbedtls-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing build stage (example-related changes)
- Added MBEDTLS_PRIVATE(...) wherever required
- Updated SHAXXX functions
- Updated esp_config according to mbedtls changes

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

ci: Fixing target_test stage
- Updated test SSL version to TLS_v1_2

- Tests:
- example_test_protocols 1/2

ci: Fixing build stage
- Added checks for MBEDTLS_DHM_C (disabled by default)
- Updated esp_cryptoauthlib submodule
- Updated factory partition size for legacy BLE provisioning example

- Tests:
- build_examples_cmake_esp32
- build_examples_cmake_esp32s2
- build_examples_cmake_esp32c3
- build_examples_cmake_esp32s3

Co-authored-by: Laukik Hase <laukik.hase@espressif.com>
 2022-03-03 01:37:10 +05:30
Aditya Patwardhan
2d1f18efea Updated the cacrt_all.pem file with latest Root certificate list. 2021-10-17 00:01:37 +08:00
Victor Morales
4e45f13e2d esp_crt_bundle: remove EC-ACC certificate 
Fixes bug #7631
 2021-10-01 14:18:46 -07:00
Fu Hanxi
0146f258d7 style: format python files with isort and double-quote-string-fixer 2021-01-26 10:49:01 +08:00
Marius Vikhammer
7e0f362149 esp_crt_bundle: add additional unit tests 
Add unit test for:
 * Trusted certificate with weak hash algorithm signature
 * Certificate with wrong signature

Merges https://github.com/espressif/esp-idf/pull/6117
 2020-12-08 10:11:31 +08:00
Jeff Epler
a79cb9f8cd esp_crt_bundle: Allow verify_callback to correct BADCERT_BAD_MD 2020-12-03 14:53:53 +08:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit) 
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
 2020-11-11 07:36:35 +00:00
Marius Vikhammer
c343323863 Fixes issues with gen_crt_bundle.py for unicode chars 
gen_crt_bundle.py could fail to parse the certificates if it contained a non-ascii character.
 2020-06-08 18:27:03 +08:00
Marius Vikhammer
f72d259622 esp_crt_bundle: fixes the "No CA Chain is set" error 
When compiling esp_crt_bundle.c, it would end up with a different struct layout due
to configuration options from "mbedtls/esp_config.h" not being considered.

This lead to ca_chain potentially not being set correctly.
 2020-05-21 15:19:49 +08:00
Marius Vikhammer
9ccc5e6d84 cert bundle: Fix memory leak during cert verification 
Also refactors the unit tests and fixes the test case, as it was giving false positives.

Closes IDFGH-2950

Closes https://github.com/espressif/esp-idf/issues/4983
 2020-04-07 18:50:30 +08:00
Aditya Patwardhan
874e987a3b esp_tls: change argument pointer type to (void *) for esp_crt_bundle_attach 2020-03-11 15:54:05 +05:30
Marius Vikhammer
947e3e94ed Add ESP certificate bundle feature 
Adds the ESP certificate bundle feature that enables users to bundle a
root certificate bundle together with their application.

Default bundle includes all Mozilla root certificates

Closes IDF-296
 2020-03-04 10:51:43 +08:00